1
<?php
2
3
declare(strict_types=1);
4
5
/*
6
 * The MIT License (MIT)
7
 *
8
 * Copyright (c) 2014-2018 Spomky-Labs
9
 *
10
 * This software may be modified and distributed under the terms
11
 * of the MIT license.  See the LICENSE file for details.
12
 */
13
14
namespace OAuth2Framework\Component\Server\TokenEndpoint\Tests;
15
16
use OAuth2Framework\Component\Server\Core\Client\Client;
17
use OAuth2Framework\Component\Server\Core\Client\ClientId;
18
use OAuth2Framework\Component\Server\Core\DataBag\DataBag;
19
use OAuth2Framework\Component\Server\Core\UserAccount\UserAccountId;
20
use OAuth2Framework\Component\Server\TokenEndpoint\AuthenticationMethod\AuthenticationMethodManager;
21
use OAuth2Framework\Component\Server\TokenEndpoint\AuthenticationMethod\ClientSecretBasic;
22
use PHPUnit\Framework\TestCase;
23
use Psr\Http\Message\ServerRequestInterface;
24
25
/**
26
 * @group TokenEndpoint
27
 * @group AuthenticationMethod
28
 */
29
final class ClientSecretBasicAuthenticationMethodTest extends TestCase
30
{
31
    /**
     * The method reports its Basic scheme parameters (realm and charset) and the
     * single authentication method name it supports.
     *
     * @test
     */
    public function genericCalls()
    {
        $clientSecretBasic = new ClientSecretBasic('My Service');

        // The realm passed to the constructor is expected verbatim in the scheme string.
        $expectedSchemes = ['Basic realm="My Service",charset="UTF-8"'];
        $expectedMethodNames = ['client_secret_basic'];

        self::assertEquals($expectedSchemes, $clientSecretBasic->getSchemesParameters());
        self::assertEquals($expectedMethodNames, $clientSecretBasic->getSupportedMethods());
    }
41
42
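    /**
     * Without an Authorization header the manager must report no client id, no
     * matched authentication method and no credentials.
     *
     * @test
     */
    public function theClientIdCannotBeFoundInTheRequest()
    {
        $manager = new AuthenticationMethodManager();
        $manager->add(new ClientSecretBasic('My Service'));
        $request = $this->prophesize(ServerRequestInterface::class);
        // PSR-7 getHeader() returns an empty array for an absent header, never null,
        // so the double mirrors what a conforming request can actually produce.
        $request->getHeader('Authorization')->willReturn([]);

        // Same three-argument call as the positive test in this class, where $method
        // and $credentials are read back after the call (presumably by-reference
        // out-parameters; confirm against the manager). A two-argument call would
        // put $credentials in the method slot and leave the credentials unchecked.
        $clientId = $manager->findClientIdAndCredentials($request->reveal(), $method, $credentials);
        self::assertNull($clientId);
        self::assertNull($method);
        self::assertNull($credentials);
    }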
56
57
    /**
58
     * @test
59
     */
60
    public function theClientIdAndClientSecretHaveBeenFoundInTheRequest()
61
    {
62
        $manager = new AuthenticationMethodManager();
63
        $manager->add(new ClientSecretBasic('My Service'));
64
        $request = $this->prophesize(ServerRequestInterface::class);
65
        $request->getHeader('Authorization')->willReturn(['Basic '.base64_encode('CLIENT_ID:CLIENT_SECRET')]);
66
67
        $clientId = $manager->findClientIdAndCredentials($request->reveal(), $method, $credentials);
68
        self::assertInstanceOf(ClientSecretBasic::class, $method);
69
        self::assertInstanceOf(ClientId::class, $clientId);
70
        self::assertEquals('CLIENT_SECRET', $credentials);
71
72
        $client = Client::createEmpty();
73
        $client = $client->create(
74
            ClientId::create('CLIENT_ID'),
75
            DataBag::create([
76
                'client_secret' => 'CLIENT_SECRET',
77
                'token_endpoint_auth_method' => 'client_secret_basic',
78
            ]),
79
            UserAccountId::create('USER_ACCOUNT_ID')
80
        );
81
82
        self::assertTrue($manager->isClientAuthenticated($request->reveal(),$client, $method,'CLIENT_SECRET'));
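It seems that $method can be null, but isClientAuthenticated() does not accept null; consider adding an explicit type check. In this test, the earlier assertInstanceOf(ClientSecretBasic::class, $method) already fails the test before a null value could reach the call.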

Unless you are absolutely sure that the expression can never be null because of other conditions, we strongly recommend adding a type check to your code:

/** @return stdClass|null */
function mayReturnNull() { }

function doesNotAcceptNull(stdClass $x) { }

// With potential error.
function withoutCheck() {
    $x = mayReturnNull();
    doesNotAcceptNull($x); // Potential error here.
}

// Safe - Alternative 1
function withCheck1() {
    $x = mayReturnNull();
    if ( ! $x instanceof stdClass) {
        throw new \LogicException('$x must be defined.');
    }
    doesNotAcceptNull($x);
}

// Safe - Alternative 2
function withCheck2() {
    $x = mayReturnNull();
    if ($x instanceof stdClass) {
        doesNotAcceptNull($x);
    }
}
83
    }
84
85
    /**
     * A client registered for client_secret_post must not be authenticated through
     * client_secret_basic, even though the secret supplied matches the stored one.
     *
     * @test
     */
    public function theClientUsesAnotherAuthenticationMethod()
    {
        $basicMethod = new ClientSecretBasic('My Service');
        $manager = new AuthenticationMethodManager();
        $manager->add($basicMethod);

        // The registered token_endpoint_auth_method differs from the method under test.
        $clientParameters = DataBag::create([
            'client_secret' => 'CLIENT_SECRET',
            'token_endpoint_auth_method' => 'client_secret_post',
        ]);
        $client = Client::createEmpty()->create(
            ClientId::create('CLIENT_ID'),
            $clientParameters,
            UserAccountId::create('USER_ACCOUNT_ID')
        );

        // Only the parsed body is stubbed on the request double.
        $request = $this->prophesize(ServerRequestInterface::class);
        $request->getParsedBody()->willReturn([
            'client_id' => 'CLIENT_ID',
            'client_secret' => 'CLIENT_SECRET',
        ]);

        $isAuthenticated = $manager->isClientAuthenticated($request->reveal(), $client, $basicMethod, 'CLIENT_SECRET');
        self::assertFalse($isAuthenticated);
    }
110
111
    /**
     * Checking a client configuration built from two empty data bags yields
     * validated parameters that contain client_secret and client_secret_expires_at.
     *
     * @test
     */
    public function theClientConfigurationCanBeChecked()
    {
        $firstBag = DataBag::create([]);
        $secondBag = DataBag::create([]);
        $result = (new ClientSecretBasic('My Service'))->checkClientConfiguration($firstBag, $secondBag);

        // Both keys must be present although neither input bag supplied them
        // (presumably filled in by the method itself; confirm in ClientSecretBasic).
        foreach (['client_secret', 'client_secret_expires_at'] as $expectedKey) {
            self::assertTrue($result->has($expectedKey));
        }
    }
122
}
123